About the Team

The Telefónica UK Cyber Emergency Response Team (CERT) lead IT security incident response and management for O2. This includes a cyber-threat intelligence capability. When not responding to incidents the team take proactive approach to help prevent or reduce the impact of a potential incident, promote awareness and provide guidance/advice. 

About the Role

The CERT Incident Manager is expected to lead on all IT security related incidents up to and including major cyber security incidents.

Key Responsibilities

• Manage varying levels and priorities of incident, up to and including major cyber security incidents.
• Provide excellent incident response (IR) capability to the business, aligning to industry best practise IR models.
• Delegating key tasks to several departments through the incident, including; service/operational and technical teams, comms and Press Office, Legal and Regulatory team, DPO and third party suppliers.
• Respond to and identify threats reported through various business channels (SOC, IT, Networks, CTI, LEAs/Government, users etc.).
• Conduct log analysis and forensic investigation.
• Manage the overall business response, including; containing the event, removing it and recovery phases.
• Complete post incident reviews, detailing root cause, recommendations and areas for improvement to feed into continual improvement lifecycle.
• Provide interim and full incident reports in accordance with defined SLAs. 
• When not responding to reported events, proactively search for and identifying threats, taking prompt action to prevent IT security incidents occurring.
• Assist key stakeholders in IT and Networks with cyber threat intelligence.
• Remain current with the latest attack TTPs and threats, including APTs and e-crime threat actors.

What We Need from You

Essential Skills:

• Direct experience of incident response/management at an enterprise level.
• Experience in host and network based investigations, analysis in; log files, memory dumps and network packets.
• Broad knowledge of IT and network technologies, especially at an enterprise level; OS – Windows and Linux, Active Directory, Security – IDS/IPS, Firewalls, SIEM and elastic search tools.
• Senior stakeholder management, with the ability to articulate complex and technical issues to business leaders and non-technical audience.
• Experienced in incident report writing. 

Desirable:

• Experience of forensic investigation and tools.

• Forensic qualification(s) e.g. GCFA or GNFA.
• Cyber security incident handling qualification(s) e.g. GCIH, ECIH or CCIM

We’ll be sending you emails about the status of your application. To make sure you receive these, please add @O2.com and @telefonica.com to your Safe Senders list. 

We’re looking to pay a great compensation package (depending on experience) for this position. We also offer plenty of extras to sweeten the deal, which could include things like bonuses, life assurance cover, health care and lots of flexible benefits.  

Also, every employee has their personal development supported with a LinkedIn learning account; plus other role specific learning available through our award-winning digital learning platform - O2 Campus. 

We also believe a great work-life balance is important, so we’re open to considering flexible working arrangements. Like to know more, feel free to raise it.  

Join us and we’ll encourage you to be bold every day. So take a deep breath, your career is about to go to exciting new places. 

If you have any questions around the role then please email ResourceTUK@o2.com who will be happy to help.